所有博客

This article explores potential security issues related to Soroban contract state storage and highlights key considerations during development, helping Soroban smart contract developers avoid storage-related vulnerabilities.

Smart contracts are blockchain-based programs that automate agreements without intermediaries. Learn how smart contracts work, their uses, benefits, and risks.

Our Skynet DPRK Crypto Threats Report discusses key North Korean hacker trends, including amounts stolen, number of incidents, and the most substantial hacks over the past 10 years.

Standards like EIP-8004 and EIP-8183 are strong foundations, but as we build more complex layers, such as scoring systems, hooks, and AI evaluators, new risks are introduced.

After the publication of our February 2026 Wrench Attacks Report, we now look at the continued escalation of wrench attacks, which have become a structural threat for cryptocurrency holders.

By integrating three critical technical pillars—Identity (EIP-8004), Commerce (EIP-8183), and Payments (x402)—we can build an open machine economy where AI agents operate as sovereign economic actors, secured by trustless primitives rather than centralized gatekeepers.

Explore how AI is reshaping smart contract auditing in Web3, from faster vulnerability detection to new risks like false positives and model limitations.

The Telegram escrow market has gradually evolved into an underground service ecosystem that integrates escrow matching, fund settlement, merchant management, and traffic distribution, showing clear signs of “platformization” and network-based development.

For companies operating or planning to scale globally, the implications are that multi-jurisdictional licensing is now a baseline requirement; AML compliance budgets must align with the scale of enforcement; and security audits are recurring, jurisdiction-specific costs, rather than one-time exercises.

AI smart contracts combine blockchain and AI to enable adaptive automation, real-time decision-making, and scalable Web3 applications.

AI Auditor was originally built as an internal tool for CertiK’s own auditors, but is now available to the public after more than six months of rigorous application. In evaluations against 35 real-world Web3 security incidents from 2026, AI Auditor achieved an 88.6% cumulative exact hit rate, all while being engineered specifically to deliver high detection with exceptionally low noise.

An overview of the transformative U.S. crypto regulatory developments in March 2026, featuring the SEC-CFTC peace treaty, the Token Taxonomy release, and a breakthrough in the Senate Banking "yield" debate.